Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-11-02 | CVE-2013-1084 | Path Traversal vulnerability in Novell Zenworks Configuration Management 11.2.3 Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. | 5.0 |
2013-10-25 | CVE-2013-6127 | Path Traversal vulnerability in Wellintech Kingview The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the two pathname arguments, as demonstrated by a directory traversal attack. | 5.8 |
2013-10-19 | CVE-2013-5534 | Path Traversal vulnerability in Cisco Unity Connection Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for a file that is not a valid audio file, aka Bug ID CSCuj22948. | 4.0 |
2013-10-11 | CVE-2013-4173 | Path Traversal vulnerability in Xymon Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitrary files via a .. | 5.0 |
2013-10-11 | CVE-2013-5528 | Path Traversal vulnerability in Cisco Unified Communications Manager Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815. | 4.0 |
2013-10-04 | CVE-2013-3541 | Path Traversal vulnerability in Ovislink Airlive Wl2600Cam Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other camera models allows remote attackers to read arbitrary files via a .. | 7.8 |
2013-10-02 | CVE-2012-4104 | Path Traversal vulnerability in Cisco Unified Computing System Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706. | 6.6 |
2013-09-30 | CVE-2013-5692 | Path Traversal vulnerability in X2Engine X2Crm Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. | 8.5 |
2013-09-28 | CVE-2013-2068 | Path Traversal vulnerability in Redhat Cloudforms Management Engine 5.1 Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. | 9.4 |
2013-09-16 | CVE-2013-5751 | Path Traversal vulnerability in SAP Netweaver Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |